As computer processing technology became increasingly popular, the need for enhanced security of computing resources increased. The vast availability of computing platforms and technologies have created opportunities for computer hackers to surreptitiously gain access to the computing resources belonging to unsuspecting individuals and use those computing resources to carry out anything from mischievous pranks to crippling Denial of Service (DoS) attacks, to widespread financial fraud.
A longstanding protection used against such unauthorized access to a computing device or its corresponding resources is through the use of Network protections. Network protections such as Firewalls, proxy servers, and intelligent network gateways and routers protect computer resources on a network by, generally speaking, denying access to any computer which makes unsolicited requests for resources from a protected device, or attempts to execute commands or send information to the protected device without prior approval.
Unfortunately, network protections cannot protect against all mechanisms by which modern computer hackers attempt to gain unauthorized access to computing resources. For example, computer hackers may attempt to gain unauthorized access to a computing resource or to information within a computing device by tricking an unsuspecting victim into executing computer code locally that, for example, accesses protected memory areas belonging to unrelated processes, modifies a portion of another executable process image in memory, writes malicious or unauthorized code to an area of memory and then marks that writable area as executable, or causes programs and processes on the computing device to dynamically load executable code not originally intended for execution.
Such computer code when loaded, modified, or written into memory in such a way can be made to carry out any manner of malicious or unauthorized tasks, such as secretly authorizing remote network access to the computing device, sending sensitive data to a remote location, or opening a hidden gateway for a remote computing device to execute commands locally at the unsuspecting computer host.
Traditional mechanisms that exist for ensuring computer code is “trusted” or otherwise safe to execute on a local machine are, unfortunately, too time consuming and costly for generally available consumer applications. A hands-on extensive examination of the subject code is required to seek out any bugs or malicious code that could violate the intended security precautions, and only after such an examination is completed, is an executable image of the computer code certified as “trusted” for a particular application. While such a process is common place in mission critical Enterprise applications and very high security environments, this process is simply not feasible for a vast number of general utility computer applications.
Other mechanisms which have been proposed include modifying existing applications to self-certify that they do not, for example, modify memory portions allocated to other processes, attempt to modify the executing code of other processes, or attempt to cause other images, or themselves, to dynamically load malicious code segments for execution. Unfortunately, such a proposed mechanism is easily overcome by any computer programmer who either negligently or maliciously fails to adhere to the stated program requirements.
Another proposed mechanism includes rewriting a host operating system in conjunction with re-written executable applications which must adhere to certain requirements, such as not attempting to modify or access memory allocated to other processes, and then having those requirements checked and enforced by the operating system itself. While such a mechanism is more difficult to overcome, an extensive amount of effort must be invested in upgrading and updating so called, “legacy” applications, which are often unsupported, in order to make those applications execute within an operating system that enforces such programming requirements. Even computer applications which enjoy current support would require significant efforts to ensure the applications are compatible with the new requirements. Such a solution is thus impractical for many computer applications.
There are a great many applications which would therefore, be rendered obsolete, or incompatible with a new operating system having the more strict security requirements which prohibit certain types of memory access or modification of executing code.